| Vulnerability Name: | CVE-2015-4002 (CCN-103752) | ||||||||||||||||||||||||
| Assigned: | 2015-05-27 | ||||||||||||||||||||||||
| Published: | 2015-05-27 | ||||||||||||||||||||||||
| Updated: | 2022-11-03 | ||||||||||||||||||||||||
| Summary: | drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions. | ||||||||||||||||||||||||
| CVSS v3 Severity: | 8.6 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H)
| ||||||||||||||||||||||||
| CVSS v2 Severity: | 9.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:C) 6.6 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:C/E:U/RL:OF/RC:C)
6.6 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:C/E:U/RL:OF/RC:C)
| ||||||||||||||||||||||||
| Vulnerability Type: | CWE-119 | ||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2015-4002 Source: CONFIRM Type: Vendor Advisory http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8 Source: CCN Type: Linux Kernel GIT Repository ozwpan: Use proper check to prevent heap overflow Source: CONFIRM Type: Vendor Advisory http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e Source: SUSE Type: Mailing List, Third Party Advisory openSUSE-SU-2015:1382 Source: MLIST Type: Mailing List [oss-security] 20150605 Re: CVE Request: Linux Kernel Ozwpan Driver - Remote packet-of-death vulnerabilities Source: CCN Type: oss-security Mailing List, Wed, 27 May 2015 16:45:15 +0200 CVE Request: Linux Kernel Ozwpan Driver - Remote packet-of-death vulnerabilities Source: CCN Type: oss-security Mailing List, Fri, 5 Jun 2015 17:29:22 -0400 (EDT) Re: CVE Request: Linux Kernel Ozwpan Driver - Remote packet-of-death vulnerabilities Source: BID Type: Third Party Advisory, VDB Entry 74668 Source: CCN Type: BID-74668 Linux Kernel 'ozwpan' Driver Multiple Denial of Service Vulnerabilities Source: UBUNTU Type: Third Party Advisory USN-2665-1 Source: UBUNTU Type: Third Party Advisory USN-2667-1 Source: XF Type: UNKNOWN linux-kernel-cve20154002-code-exec(103752) Source: CONFIRM Type: Vendor Advisory https://github.com/torvalds/linux/commit/9a59029bc218b48eff8b5d4dde5662fd79d3e1a8 Source: CONFIRM Type: Vendor Advisory https://github.com/torvalds/linux/commit/d114b9fe78c8d6fc6e70808c2092aa307c36dc8e Source: CCN Type: WhiteSource Vulnerability Database CVE-2015-4002 | ||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration 3: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||
| |||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||